bram93
08/28/2019, 7:55 AMbram93
08/28/2019, 10:08 AMmolikuner
08/28/2019, 10:19 AMrouting {
authenticate("myauth1") {
get("/authenticated/route1") {
// load your profile here.
}
}
}
I don't know about a way to intercept after auth. But it wouldn't be performand anyways, as some clients authenticate again prior every request.bram93
08/28/2019, 10:22 AMbram93
08/28/2019, 10:23 AMinstall(Authorization) {
roleResolver = { ... }
}
routing {
authenticate {
authorize("admin) {
// admin routes here...
}
}
}
molikuner
08/28/2019, 10:28 AMbram93
08/28/2019, 1:01 PMmolikuner
08/28/2019, 1:02 PMmolikuner
08/28/2019, 1:02 PMmolikuner
08/28/2019, 1:48 PMauthenticate
interceptors into each other? You could do an authorization feature for login and one for the roles. I don't know how to get the authenticated user in the second feature, but there should be a way.
As I said, just an idea, never tested sth like that.molikuner
08/28/2019, 1:50 PMrouting {
authenticate("login") {
authenticate("adminRole") {
get("/") {
// do your privileged stuff
}
}
}
}
bram93
08/28/2019, 5:38 PMEvan R.
08/29/2019, 12:31 PMAuthenticationPipeline.RequestAuthentication
. You may be able to register a new phase after it via the following:
val attachUserPhase = PipelinePhase("attachUserFromMicroservice")
pipeline.insertPhaseAfter(AuthenticationPipeline.RequestAuthentication, attachUserPhase)
pipeline.intercept(attachUserPhase) {
// Look up user profile here and attach to call.attributes
}
Evan R.
08/29/2019, 12:33 PMbram93
08/30/2019, 12:44 PMVinicius Araujo
10/15/2019, 12:49 AMbram93
10/15/2019, 12:26 PMvalidate { credentials ->
if (credentials.payload.audience.contains(jwkAudience)) {
val account = httpClient.get<Account>(accountEndpoint) {
header("Authorization", request.header("Authorization"))
}
KKPrincipal(credentials.payload, account)
} else null
}
Not the most elegant solution but worked for my usecasebram93
10/15/2019, 12:28 PMcall.authentication.principal<KKPrincipal>()
Vinicius Araujo
10/15/2019, 1:17 PMEvan R.
10/15/2019, 1:33 PMchallenge [ }
block in your provider definition?Vinicius Araujo
10/15/2019, 5:57 PMEvan R.
10/16/2019, 2:46 PMEvan R.
10/16/2019, 2:48 PMVinicius Araujo
10/16/2019, 5:54 PMEvan R.
10/16/2019, 7:11 PMrouting {
addUserAttributeInterceptor(userService)
}
Or:
routing {
get("/some-authenticated-endpoint") {
// Now this route and all sub-routes will be intercepted by the interceptor, but not others in the routing block
addUserAttributeInterceptor(userService)
}
}
Evan R.
10/16/2019, 7:13 PMRoute.intercept()
is documented here: https://ktor.io/advanced/pipeline/route.html#intercepting-any-route-nodeEvan R.
10/16/2019, 7:14 PMVinicius Araujo
10/16/2019, 8:29 PM